The following Fedora 28 Security updates need testing:
Age URL
322
https://bodhi.fedoraproject.org/updates/FEDORA-2018-d510cfd7eb
jgraphx-3.6.0.0-6.fc28
272
https://bodhi.fedoraproject.org/updates/FEDORA-2018-d7aeaa74da
nodejs-brace-expansion-1.1.11-1.fc28
270
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc073fdc1a
nodejs-atob-2.1.1-1.fc28
146
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc4b7af297
xerces-c27-2.7.0-28.fc28
99
https://bodhi.fedoraproject.org/updates/FEDORA-2018-aa3752ac3c
nginx-1.14.1-1.fc28
78
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86ef9e22 squid-4.4-1.fc28
75
https://bodhi.fedoraproject.org/updates/FEDORA-2018-b18f9dd65b
tomcat-8.5.35-1.fc28
9
https://bodhi.fedoraproject.org/updates/FEDORA-2019-d7ef743ef0
librsvg2-2.42.7-2.fc28
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fa95c8120f
thunderbird-60.5.1-1.fc28
7
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fc866e9156
evolution-3.28.5-3.fc28
7
https://bodhi.fedoraproject.org/updates/FEDORA-2019-2dab60e288
systemd-238-12.git07f8cd5.fc28
7
https://bodhi.fedoraproject.org/updates/FEDORA-2019-216ba46b12
mingw-poppler-0.62.0-3.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-541e91b477
ignition-0.31.0-1.gitf59a653.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6840b04618
firefox-65.0.1-1.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-f0add5eed0
openocd-0.10.0-11.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-8b5e704a73
poppler-0.62.0-16.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6092f8c0dc SDL-1.2.15-31.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-f142d69d4b koji-1.16.2-1.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-2c2dfc65d1
distcc-3.2rc1-22.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c54511eaab
ansible-2.7.8-1.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-d248c5aa39
php-Smarty-3.1.33-1.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-2f47af13f6
tor-0.3.4.11-1.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-86412405d5
bind-9.11.5-4.P4.fc28
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-82df33e428
drupal7-7.64-1.fc28
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-009fdcfb60
php-erusev-parsedown-1.7.1-1.fc28
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-31ad8a36d8
ckeditor-4.11.2-1.fc28
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-ff4e1a73a5
drupal7-link-1.6-1.fc28
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-3ee66c2020 gpsd-3.17-6.fc28
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-4fdf19459d
ming-0.4.9-0.1.20181112git5009802.fc28
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c90f32a130 file-5.33-10.fc28
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6a0717dc9a
php-typo3-phar-stream-wrapper2-2.0.1-1.fc28 drupal8-8.6.10-1.fc28
The following Fedora 28 Critical Path updates have yet to be approved:
Age URL
78
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9f541b469b
nfs-utils-2.3.3-1.rc2.fc28
69
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4dddcb3e5e
highlight-3.48-1.fc28
42
https://bodhi.fedoraproject.org/updates/FEDORA-2019-78153d357c
totem-pl-parser-3.26.2-1.fc28
35
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e9c4843d39
volume_key-0.3.12-2.fc28
34
https://bodhi.fedoraproject.org/updates/FEDORA-2019-bb30467485
ostree-2019.1-2.fc28 rpm-ostree-2019.1-1.fc28
26
https://bodhi.fedoraproject.org/updates/FEDORA-2019-cb4a3023ef
iproute-4.20.0-1.fc28
23
https://bodhi.fedoraproject.org/updates/FEDORA-2019-67c405c3d8
hwdata-0.320-1.fc28
18
https://bodhi.fedoraproject.org/updates/FEDORA-2019-b9a64e04c4
polkit-0.115-2.2.fc28
15
https://bodhi.fedoraproject.org/updates/FEDORA-2019-d70bc2e1c8 samba-4.8.9-1.fc28
14
https://bodhi.fedoraproject.org/updates/FEDORA-2019-dc66cd245f
pungi-4.1.33-1.fc28
12
https://bodhi.fedoraproject.org/updates/FEDORA-2019-d1eff79041
selinux-policy-3.14.1-54.fc28
9
https://bodhi.fedoraproject.org/updates/FEDORA-2019-04bcb2f1b9
p11-kit-0.23.15-2.fc28
9
https://bodhi.fedoraproject.org/updates/FEDORA-2019-37a7efe938
osinfo-db-20190218-1.fc28
9
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6c4e362bd0 dhcp-4.3.6-22.fc28
dnsperf-2.2.1-1.fc28 bind-dyndb-ldap-11.1-13.fc28 bind-9.11.5-2.P1.fc28
9
https://bodhi.fedoraproject.org/updates/FEDORA-2019-d7ef743ef0
librsvg2-2.42.7-2.fc28
9
https://bodhi.fedoraproject.org/updates/FEDORA-2019-1c53f1a6c8
ceph-12.2.11-1.fc28
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fa95c8120f
thunderbird-60.5.1-1.fc28
7
https://bodhi.fedoraproject.org/updates/FEDORA-2019-2dab60e288
systemd-238-12.git07f8cd5.fc28
7
https://bodhi.fedoraproject.org/updates/FEDORA-2019-47c0aa90d9 fedora-repos-28-6
7
https://bodhi.fedoraproject.org/updates/FEDORA-2019-3c30fcfb70 radvd-2.17-13.fc28
7
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fc866e9156
evolution-3.28.5-3.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-f142d69d4b koji-1.16.2-1.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-8b5e704a73
poppler-0.62.0-16.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6840b04618
firefox-65.0.1-1.fc28
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-ba04d60040
breeze-icon-theme-5.55.0-1.fc28 extra-cmake-modules-5.55.0-1.fc28 kf5-5.55.0-1.fc28
kf5-attica-5.55.0-1.fc28 kf5-baloo-5.55.0-1.fc28 kf5-bluez-qt-5.55.0-1.fc28
kf5-frameworkintegration-5.55.0-1.fc28 kf5-kactivities-5.55.0-1.fc28
kf5-kactivities-stats-5.55.0-1.fc28 kf5-kapidox-5.55.0-1.fc28 kf5-karchive-5.55.0-1.fc28
kf5-kauth-5.55.0-1.fc28 kf5-kbookmarks-5.55.0-1.fc28 kf5-kcmutils-5.55.0-1.fc28
kf5-kcodecs-5.55.0-1.fc28 kf5-kcompletion-5.55.0-1.fc28 kf5-kconfig-5.55.0-1.fc28
kf5-kconfigwidgets-5.55.0-1.fc28 kf5-kcoreaddons-5.55.0-1.fc28 kf5-kcrash-5.55.0-1.fc28
kf5-kdbusaddons-5.55.0-1.fc28 kf5-kdeclarative-5.55.0-1.fc28 kf5-kded-5.55.0-1.fc28
kf5-kdelibs4support-5.55.0-1.fc28 kf5-kdesignerplugin-5.55.0-1.fc28
kf5-kdesu-5.55.0-1.fc28 kf5-kdewebkit-5.55.0-1.fc28 kf5-kdnssd-5.55.0-1.fc28
kf5-kdoctools-5.55.0-1.fc28 kf5-kemoticons-5.55.0-1.fc28 kf5-kfilemetadata-5.55.0-1.fc28
kf5-kglobalaccel-5.55.0-1.fc28 kf5-kguiad
dons-5.55.0-1.fc28 kf5-kholidays-5.55.0-1.fc28 kf5-khtml-5.55.0-1.fc28
kf5-ki18n-5.55.0-1.fc28 kf5-kiconthemes-5.55.0-1.fc28 kf5-kidletime-5.55.0-1.fc28
kf5-kimageformats-5.55.0-1.fc28 kf5-kinit-5.55.0-1.fc28 kf5-kio-5.55.0-1.fc28
kf5-kirigami2-5.55.0-1.fc28 kf5-kitemmodels-5.55.0-1.fc28 kf5-kitemviews-5.55.0-1.fc28
kf5-kjobwidgets-5.55.0-1.fc28 kf5-kjs-5.55.0-1.fc28 kf5-kjsembed-5.55.0-1.fc28
kf5-kmediaplayer-5.55.0-1.fc28 kf5-knewstuff-5.55.0-1.fc28
kf5-knotifications-5.55.0-1.fc28 kf5-knotifyconfig-5.55.0-1.fc28
kf5-kpackage-5.55.0-1.fc28 kf5-kparts-5.55.0-1.fc28 kf5-kpeople-5.55.0-1.fc28
kf5-kplotting-5.55.0-1.fc28 kf5-kpty-5.55.0-1.fc28 kf5-kross-5.55.0-1.fc28
kf5-krunner-5.55.0-1.fc28 kf5-kservice-5.55.0-1.fc28 kf5-ktexteditor-5.55.0-1.fc28
kf5-ktextwidgets-5.55.0-1.fc28 kf5-kunitconversion-5.55.0-1.fc28 kf5-kwallet-5.55.0-1.fc28
kf5-kwayland-5.55.0-1.fc28 kf5-kwidgetsaddons-5.55.0-1.fc28
kf5-kwindowsystem-5.55.0-1.fc28 kf5-kxmlgui-5.55.0-1.fc28 kf5-kxmlrpcclient-5.55.0-1.fc28
kf5-modemmanager-qt-5.55.0-1.fc28 kf5-networkmanager-qt-5.55.0-1.fc28
kf5-plasma-5.55.0-1.fc28 kf5-prison-5.55.0-1.fc28 kf5-purpose-5.55.0-1.fc28
kf5-solid-5.55.0-1.fc28 kf5-sonnet-5.55.0-1.fc28 kf5-syndication-5.55.0-1.fc28
kf5-syntax-highlighting-5.55.0-1.fc28 kf5-threadweaver-5.55.0-1.fc28
oxygen-icon-theme-5.55.0-1.fc28 qqc2-desktop-style-5.55.0-1.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-32cd33051c
realmd-0.16.3-12.fc28.1
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-0258dd6a40 pcre2-10.32-8.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-55312d5125
perl-Socket-2.029-1.fc28
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-68e7e119bb
udisks2-2.7.6-3.fc28
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c90f32a130 file-5.33-10.fc28
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-9965db700b pcre-8.43-1.fc28
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-b2a3972b13 gcc-8.3.1-2.fc28
The following builds have been pushed to Fedora 28 updates-testing
cldr-emoji-annotation-34.12.14891_0-1.fc28
containernetworking-plugins-0.7.4-2.fc28
icedtea-web-1.8pre-0.2.fc28
pcp-4.3.1-1.fc28
perl-5.26.3-417.fc28
phan-1.2.5-1.fc28
podman-1.1.0-1.git006206a.fc28
python-operator-courier-1.0.2-1.fc28
qpid-proton-0.26.0-1.fc28
wxMaxima-19.02.2-1.fc28
xen-4.10.3-1.fc28
Details about builds:
================================================================================
cldr-emoji-annotation-34.12.14891_0-1.fc28 (FEDORA-2019-379302fca4)
Emoji annotation files in CLDR
--------------------------------------------------------------------------------
Update Information:
Emoji 12.0 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 26 2019 Takao Fujiwara <tfujiwar(a)gmail.com> - 34.12.14891_1
- Integrated release-35-alpha2
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
33.1.0_0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
33.1.0_0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1683106 - cldr-emoji-annotation-34.12.14891_0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1683106
--------------------------------------------------------------------------------
================================================================================
containernetworking-plugins-0.7.4-2.fc28 (FEDORA-2019-55b5ca5c54)
Libraries for writing CNI plugin
--------------------------------------------------------------------------------
Update Information:
add Provides kubernetes-cni for compatibility with upstream kubelet package
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 27 2019 Jason Brooks <jbrooks(a)redhat.com> - 0.7.4-2
- add Provides kubernetes-cni for compatibility with upstream kubelet package
--------------------------------------------------------------------------------
================================================================================
icedtea-web-1.8pre-0.2.fc28 (FEDORA-2019-a74584e6e7)
Additional Java components for OpenJDK - Java browser plug-in and Web Start
implementation
--------------------------------------------------------------------------------
Update Information:
Bump to new majo upstream release. This will never go to stable. To stable will
be pushed package based on final usptream release.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 26 2019 - Jiri Vanek <jvanek(a)redhat.com> -1.8pre-0.2
- itw-modularjdk.args marked as config(norepalce)
* Thu Feb 21 2019 - Jiri Vanek <jvanek(a)redhat.com> -1.8pre-0.1
- updated to soon to release itw 1.8 with native launchers
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.7.1-12
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
pcp-4.3.1-1.fc28 (FEDORA-2019-2f1f39ec7a)
System-level performance monitoring and performance management
--------------------------------------------------------------------------------
Update Information:
Fixes pcp-dstat in --full (all instances) mode (BZ 1661912). Remove package
dependencies on initscripts (BZ 1592380). Set include directory for cppcheck use
(BZ 1663372). Update to latest PCP sources. ---- Add patch to enable
PMCD_LOCAL and PMLOGGER_LOCAL sysconfig vars ---- add missing build deps on
libuv for pmseries and libpcp_web
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 27 2019 Mark Goodwin <mgoodwin(a)redhat.com> - 4.3.1-1
- Fixes pcp-dstat in --full (all instances) mode (BZ 1661912)
- Remove package dependencies on initscripts (BZ 1592380)
- Set include directory for cppcheck use (BZ 1663372)
- Update to latest PCP sources.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1661912 - "dstat -d -f -a" crashes
https://bugzilla.redhat.com/show_bug.cgi?id=1661912
[ 2 ] Bug #1592380 - [pcp] Drop requirements for 'initscripts' from specfile
https://bugzilla.redhat.com/show_bug.cgi?id=1592380
[ 3 ] Bug #1663372 - pcp does not set include dir for cppcheck
https://bugzilla.redhat.com/show_bug.cgi?id=1663372
--------------------------------------------------------------------------------
================================================================================
perl-5.26.3-417.fc28 (FEDORA-2019-f3460f6658)
Practical Extraction and Report Language
--------------------------------------------------------------------------------
Update Information:
This release fixes reporting a line number for non-terminated prototypes, first
eof() return value, a crash when compiling a malformed form, clobbering local
variables on long jumps, a mismatch with a case-insesitive regular expression on
a text with ligatures, a crash when parsing #line directives with large numbers
in eval, setting magic when changing $^R, a race when loading XS modules, and
extending a stack in Perl parser. It also improves C++ and GDBM tests.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 26 2019 Petr Pisar <ppisar(a)redhat.com> - 4:5.26.3-417
- Add BuildRequires: gcc-c++ for tests
- Adjust tests to gdbm-1.15 using an upstream fix (RT#133295)
- Fix reporting a line number for non-terminated prototypes (RT#133524)
- Fix first eof() return value (RT#133721)
- Fix a crash when compiling a malformed form (RT#132158)
- Prevent long jumps from clobbering local variables (RT#133575)
- Fix a mismatch with a case-insesitive regular expression on a text with ligatures
(RT#133756)
- Fix a crash when parsing #line directives with large numbers in eval
(RT#131562)
- Fix setting magic when changing $^R (RT#133782)
- Fix a race when loading XS modules
- Fix extending a stack in Perl parser (RT#133778)
--------------------------------------------------------------------------------
================================================================================
phan-1.2.5-1.fc28 (FEDORA-2019-4636526087)
A static analyzer for PHP
--------------------------------------------------------------------------------
Update Information:
27 Feb 2019, **Phan 1.2.5** **New features (Analysis):** + Cache ASTs
generated by the polyfill to disk by default, improving performance of the
polyfill parser. (e.g. affects use cases where `php-ast` is not installed and
`--use-polyfill-parser` is enabled). ASTs generated by the native parser
(`php-ast`) are not cached. (For the language server/daemon mode, Phan stops
reading from/writing to the cache after it finishes initializing) + Be more
consistent warning about invalid callables passed to internal functions such as
`register_shutdown_function` (#2046) + Add `@phan-suppress-next-next-line` to
suppress issues on the line 2 lines below the comment. This is useful in block
comments/doc comments. (#2470) + Add `@phan-suppress-previous-line` to suppress
issues on the line above the comment. (#2470) + Detect
`PhanRedefineClassConstant` and `PhanRedefineProperty` when class constants and
properties are redefined. (#2492) **New features (CLI):** + Add `--disable-
cache` to disable the disk cache of ASTs generated by the polyfill. **Language
Server/Daemon mode:** + Show plaintext summaries of internal classes,
functions, methods, constants, and properties when hover text is requested. +
Show descriptions of superglobals and function parameters when hovering over a
variable. **Maintenance** + Render the constents in
`PhanUndeclaredMagicConstant` as `__METHOD__` instead of `MAGIC_METHOD`
**Plugins:** + Add `WhitespacePlugin` to check for trailing whitespace, tabs,
and carriage returns in PHP files. + Add
`HandleLazyLoadInternalFunctionCapability` so that plugins can modify Phan's
information about internal global functions when those functions are loaded
after analysis starts. + Add `SuspiciousParamOrderPlugin` which guesses if
arguments to functions are out of order based on the names used in the argument
expressions. E.g. warns about invoking `function example($first, $second,
$third)` as `example($mySecond, $myThird, $myFirst)` + Warn if too many
arguments are passed to `emitIssue`, `emitPluginIssue`, etc. (#2481) **Bug
fixes:** + Support parsing nullable template types in PHPDoc (e.g. `@return
?T`) + Allow casting `null` to `?\MyClass<\Something>`. + Fix false positive
PhanUndeclaredMagicConstant for `__METHOD__` and `__FUNCTION__` in
function/method parameters (#2490) + More consistently emit
`PhanParamReqAfterOpt` in methods (#1843).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 27 2019 Remi Collet <remi(a)remirepo.net> - 1.2.5-1
- update to 1.2.5
- add dependecy on mbstring
- add weak dependecy on igbinary
* Tue Feb 19 2019 Remi Collet <remi(a)remirepo.net> - 1.2.4-1
- update to 1.2.4
- raise dependency on composer/xdebug-handler 1.3.2
--------------------------------------------------------------------------------
================================================================================
podman-1.1.0-1.git006206a.fc28 (FEDORA-2019-2334f59273)
Manage Pods, Containers and Container Images
--------------------------------------------------------------------------------
Update Information:
Update to V1.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 27 2019 dwalsh <dwalsh(a)redhat.com> - 1:1.1.0-1.git006206a
- Upstream 1.1.0 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1663272 - bash-completion doesn't work with podman
https://bugzilla.redhat.com/show_bug.cgi?id=1663272
[ 2 ] Bug #1661023 - podman broken metadata after out of disk space
https://bugzilla.redhat.com/show_bug.cgi?id=1661023
[ 3 ] Bug #1680664 - podman pull shows the blob progress twice
https://bugzilla.redhat.com/show_bug.cgi?id=1680664
[ 4 ] Bug #1680475 - podman AVCs on a host with unconfined disabled
https://bugzilla.redhat.com/show_bug.cgi?id=1680475
[ 5 ] Bug #1671027 - Building of ipa-server image with Podman on Fedora 29 via Beaker
task produces AVC denial
https://bugzilla.redhat.com/show_bug.cgi?id=1671027
--------------------------------------------------------------------------------
================================================================================
python-operator-courier-1.0.2-1.fc28 (FEDORA-2019-8c84e18f18)
Library and CLI tool to build, verify and push operator metadata
--------------------------------------------------------------------------------
Update Information:
Latest upstream.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 27 2019 Ralph Bean <rbean(a)redhat.com> - 1.0.2-1
- new version
--------------------------------------------------------------------------------
================================================================================
qpid-proton-0.26.0-1.fc28 (FEDORA-2019-6b8b896b65)
A high performance, lightweight messaging library
--------------------------------------------------------------------------------
Update Information:
Rebased to 0.26.0.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 7 2019 Irina Boverman <iboverma(a)redhat.com> - 0.26.0-1
- Rebased to 0.26.0
--------------------------------------------------------------------------------
================================================================================
wxMaxima-19.02.2-1.fc28 (FEDORA-2019-d8da282e14)
Graphical user interface for Maxima
--------------------------------------------------------------------------------
Update Information:
Update to latest stable release. The main changes are: * Corrected the line
break algorithm for printing and displaying maths and text; * Better GTK3
compatibility for Linux; * Many bugfixes for the display code; * The desktop
integration files now adheres to the newest standards; * Spelling fixes; * Many
Links were updated to https; * Sometimes the vertical size of maths was
overestimated; * Resolved a cell size recalculation bug; * Improved performance;
* A "File open" bug that was depending on the language setting.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 27 2019 Jos�� Matos <jamatos(a)fedoraproject.org> - 19.02.2-1
- 19.02.2
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 18.12.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Dec 29 2018 Jos�� Matos <jamatos(a)fedoraproject.org> - 18.12.0-1
- 18.12.0
* Mon Nov 26 2018 Rex Dieter <rdieter(a)fedoraproject.org> - 18.11.4-1
- 18.11.4
* Fri Nov 9 2018 Rex Dieter <rdieter(a)fedoraproject.org> - 18.10.2-1
- 18.10.2
* Fri Nov 9 2018 Rex Dieter <rdieter(a)fedoraproject.org> - 18.10.1-1
- 18.10.1
* Wed Sep 26 2018 Rex Dieter <rdieter(a)fedoraproject.org> - 18.10.0-1
- 18.10.0
- update URL, drop Group
* Mon Sep 24 2018 Rex Dieter <rdieter(a)fedoraproject.org> - 18.02.0-1
- 18.02.0
- drop references to now-absent texinfo content
- .spec cosmetics, use %autosetup %make_build %_metainfodir
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 17.10.1-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1680656 - [abrt] wxMaxima: wxTrap(): wxmaxima killed by SIGTRAP
https://bugzilla.redhat.com/show_bug.cgi?id=1680656
[ 2 ] Bug #1591430 - [abrt] wxMaxima: poll_for_event(): wxmaxima killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1591430
--------------------------------------------------------------------------------
================================================================================
xen-4.10.3-1.fc28 (FEDORA-2019-ca856b52ca)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
update to xen-4.10.3 ---- - insufficient TLB flushing / improper large page
mappings with AMD IOMMUs [XSA-275] (#1651665) - x86: DoS from attempting to use
INVPCID with a non-canonical addresses [XSA-279] - Fix for XSA-240 conflicts
with shadow paging [XSA-280] ---- guest use of HLE constructs may lock up host
[XSA-282]
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 26 2019 Michael Young <m.a.young(a)durham.ac.uk> - 4.10.3-1
- update to xen-4.10.3
adjust xen.use.fedora.ipxe.patch
drop most of xen.fedora.efi.build.patch and let efi build on i686
remove patches for issues now fixed upstream
* Tue Nov 20 2018 Michael Young <m.a.young(a)durham.ac.uk> - 4.10.2-4
- insufficient TLB flushing / improper large page mappings with AMD IOMMUs
[XSA-275, CVE-2018-19961, CVE-2018-19962] (#1651665)
- x86: DoS from attempting to use INVPCID with a non-canonical addresses
[XSA-279, CVE-2018-19965] (#1651970)
- Fix for XSA-240 conflicts with shadow paging [XSA-280, CVE-2018-19966]
(#1652251)
* Tue Nov 6 2018 Michael Young <m.a.young(a)durham.ac.uk> - 4.10.2-3
- guest use of HLE constructs may lock up host [XSA-282, CVE-2018-19967]
* Thu Oct 25 2018 Michael Young <m.a.young(a)durham.ac.uk> - 4.10.2-2
- x86: Nested VT-x usable even when disabled [XSA-278, CVE-2018-18883]
(#1643118)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1647573 - CVE-2018-19961 CVE-2018-19962 xen: insufficient TLB flushing /
improper large page mappings with AMD IOMMUs
https://bugzilla.redhat.com/show_bug.cgi?id=1647573
[ 2 ] Bug #1647588 - CVE-2018-19965 xen: x86: DoS from attempting to use INVPCID with a
non-canonical addresses
https://bugzilla.redhat.com/show_bug.cgi?id=1647588
[ 3 ] Bug #1652235 - CVE-2018-19966 xsa280 xen: Conflicts with shadow paging due to
XSA-240 incomplete fix (XSA-280)
https://bugzilla.redhat.com/show_bug.cgi?id=1652235
--------------------------------------------------------------------------------